diff options
| author | jessib <jessib@riseup.net> | 2013-03-05 10:16:41 -0800 |
|---|---|---|
| committer | jessib <jessib@riseup.net> | 2013-03-05 10:16:41 -0800 |
| commit | f0ffc65aa38473ef280ed80526691d588f14c8de (patch) | |
| tree | 1df9d9900872cf2e97d5c27b4175816eff5cbf80 /users/test/integration/api/account_flow_test.rb | |
| parent | 87c306ea212c01ecc8f98009def5971fc4d5af11 (diff) | |
| parent | 27c16ccceffa1d8eaaf02612cf29a60bfe6ced01 (diff) | |
Merge pull request #36 from leapcode/feature/limit_user_leak
When attempting to login, the error messages should not leak information...
Diffstat (limited to 'users/test/integration/api/account_flow_test.rb')
| -rw-r--r-- | users/test/integration/api/account_flow_test.rb | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/users/test/integration/api/account_flow_test.rb b/users/test/integration/api/account_flow_test.rb index 314d71a..e618541 100644 --- a/users/test/integration/api/account_flow_test.rb +++ b/users/test/integration/api/account_flow_test.rb @@ -75,7 +75,7 @@ class AccountFlowTest < ActiveSupport::TestCase test "signup and wrong password login attempt" do srp = SRP::Client.new @login, :password => "wrong password" server_auth = srp.authenticate(self) - assert_json_error :password => "wrong password" + assert_json_error({:login => "Not a valid username/password combination", :password => "Not a valid username/password combination"}) assert !last_response.successful? assert_nil server_auth["M2"] end @@ -86,7 +86,7 @@ class AccountFlowTest < ActiveSupport::TestCase assert_raises RECORD_NOT_FOUND do server_auth = srp.authenticate(self) end - assert_json_error :login => "could not be found" + assert_json_error({:login => "Not a valid username/password combination", :password => "Not a valid username/password combination"}) assert !last_response.successful? assert_nil server_auth end |